Privacy Shield Framework Policy
Last Updated: October 4, 2017
This Statement governs European Personal Data transferred from countries in the EU or Switzerland to the United States on behalf of MFX or its customers. It applies to European Personal Data in electronic and off-line formats. “European Personal Data” means information that can directly or indirectly lead to the identification of a living person, such as an individual’s name, address, e-mail, telephone number, license number, social security number, medical identification number, photograph, or other identifying characteristic. The identification can occur by reference to one or more factors specific to the individual’s physical, physiological, mental, economic, cultural or social identity. European Personal Data does not include information that has been anonymized, encoded or otherwise stripped of its identifiers, or information that is publicly available, unless combined with other non-public personal information.
MFX may receive European Personal Data from its customers for purposes of providing services to its customers. In connection with providing the services, MFX may collect passwords, user names, and other data from customer networks, which may incidentally include European Personal Data for the exclusive purposes of performing the services on behalf of its customers. At all times with respect to European Personal data collected on behalf of its customers, and not for any other purpose under US federal or state law, MFX acts as a mere “data processor” (as that term is defined under applicable EU or Swiss law or otherwise referred to under the Privacy Shield Framework as an “agent”).
You have a right to access any of your European Personal Data which MFX may collect or process. You also have a right to request that this data be corrected or removed from our servers.
Resolution of Complaints
In compliance with the Privacy Shield Principles, MFX commits to resolve complaints about our collection or use of your personal information.(EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact MFX at MFXchange US, Inc. Attention: Privacy Officer, 1140 US Hwy 22 East, Suite 201, Bridgewater, NJ 08807.)
MFX commits to cooperate with the International Centre for Dispute Resolution /American Arbitration Association (ICDR/AAA), http://go.adr/org/privacyshield.html in the event you do not receive acknowledgement of your inquiry or your inquiry has not been satisfactorily addressed.
The Federal Trade Commission has jurisdiction over MFX’s compliance with the Privacy Shield.
MFX may also disclose European Personal Data as necessary in connection with the sale or transfer of all or part of its business. MFX does not currently disclose our customers’ European Personal Data to third parties or use third parties for the purposes of processing European Personal Data. If such a situation were to occur in the future, and MFX were to disclose European Personal Data to any third parties acting as “agents” on behalf of MFX, MFX will require the recipient to protect the European Personal Data in accordance with the relevant principles of the Privacy Shield Framework, or otherwise take steps to ensure that the European Personal Data is appropriately protected. In the context of such an onward transfer, MFX has responsibility for the processing of European Personal Data it receives and subsequently transfers to a third party acting as an agent on its behalf. MFX shall remain liable under the Principles if its agent processes such European Personal Data in a manner inconsistent with the Principles, unless MFX proves that it is not responsible for the event giving rise to the damage. MFX may disclose European Personal Data where required or permitted by law, where MFX believes that such disclosures are appropriate in connection with a law enforcement request or otherwise permitted by the Privacy Shield Framework, or in order to investigate, prevent, or take action regarding illegal activities or suspected fraud, or enforce, administer or apply MFX’s agreements.
An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding Privacy Shield compliance not resolved by any of the other Privacy Shield mechanisms. For additional information, see https://www.privacyshield.gov/article?id=ANNEX-I-introduction
If you have any questions about this Policy, or if you would like to request access to European Personal Data that MFX may maintain about you, please contact MFX at Privacy@mfxfservices.com or in writing at:MFXchange US, Inc. Attention: Privacy Officer, 412 Mt Kemble Avenue, Suite 200 Morristown, NJ 07960.